Zsh Mailing List Archive
Messages sorted by:
Reverse Date,
Date,
Thread,
Author
PGP key question
- X-seq: zsh-users 23690
- From: Clark Dunson <cdunson@xxxxxxxxxxxxxxx>
- To: "zsh-users@xxxxxxx" <zsh-users@xxxxxxx>
- Subject: PGP key question
- Date: Tue, 2 Oct 2018 01:21:03 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is ) smtp.mailfrom=cdunson@xxxxxxxxxxxxxxx;
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sstinc.onmicrosoft.com; s=selector1-shotspotter-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aBbTaIY0NkEgHDSk6oMuSCWsYn3uWTreqRknglTIaug=; b=iFjxZJg5j4rLx+wpRbffwE3YlTQH15rt5fe8iWxIakl4TYv17Y3zREmjHBkkCL4U7klpSrTikQLpljZwx+G7WIVIczJ7q/m7dK8bJX6ASGoFovWXQSrQiIMj8YMuCgS0bifFKFTx/eN9q1QZzSm8ondz5KwoUQYU+YRhPbyqwP8=
- List-help: <mailto:zsh-users-help@zsh.org>
- List-id: Zsh Users List <zsh-users.zsh.org>
- List-post: <mailto:zsh-users@zsh.org>
- List-unsubscribe: <mailto:zsh-users-unsubscribe@zsh.org>
- Mailing-list: contact zsh-users-help@xxxxxxx; run by ezmlm
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
- Thread-index: AQHUWe4vbVTNAZH+F0avmV7V6SlAnA==
- Thread-topic: PGP key question
On the site it says:
All files are signed with the following OpenPGP<https://en.wikipedia.org/wiki/Pretty_Good_Privacy> keys:
pub 2048R/4BDB27B3 2015-11-25
Key fingerprint = F7B2 754C 7DE2 8309 1466 1F0E A71D 9A9D 4BDB 27B3
uid Peter Stephenson <p.w.stephenson@xxxxxxxxxxxx>
sub 2048R/4C58D718 2015-11-25
pub rsa3072 2013-06-11 [SC] [expires: 2020-07-01]
E96646BE08C0AF0AA0F90788A5FEEE3AC7937444
uid [ unknown] Daniel Shahaf
uid [ unknown] Daniel Shahaf
sub rsa3072 2013-06-11 [E] [expires: 2020-07-01]
sub rsa4032 2017-06-28 [S] [expires: 2020-07-01]
But I get:
~/Downloads$ gpg --verify zsh-5.6.2.tar.xz.asc zsh-5.6.2.tar.xz
gpg: Signature made Fri Sep 14 05:58:34 2018 PDT
gpg: using RSA key 6EB60B637CE5ACBF2449A2DADB27E997429AF20C
gpg: key A5FEEE3AC7937444: 26 signatures not checked due to missing keys
gpg: key A5FEEE3AC7937444: public key "Daniel Shahaf <danielsh@xxxxxxxxxx>" imported
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2022-10-02
gpg: Total number processed: 1
gpg: imported: 1
gpg: Good signature from "Daniel Shahaf <danielsh@xxxxxxxxxx>" [unknown]
gpg: aka "Daniel Shahaf <d.s@xxxxxxxxxxxxxxxxxx>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: E966 46BE 08C0 AF0A A0F9 0788 A5FE EE3A C793 7444
Subkey fingerprint: 6EB6 0B63 7CE5 ACBF 2449 A2DA DB27 E997 429A F20C
Is there a concern here?
Thank you!
Clark
Messages sorted by:
Reverse Date,
Date,
Thread,
Author